Skip to main content
POST
/
auth
/
connections
/
{id}
/
login
JavaScript
import Kernel from '@onkernel/sdk';

const client = new Kernel({
  apiKey: process.env['KERNEL_API_KEY'], // This is the default and can be omitted
});

const loginResponse = await client.auth.connections.login('id');

console.log(loginResponse.id);
import os
from kernel import Kernel

client = Kernel(
api_key=os.environ.get("KERNEL_API_KEY"), # This is the default and can be omitted
)
login_response = client.auth.connections.login(
id="id",
)
print(login_response.id)
package main

import (
"context"
"fmt"

"github.com/kernel/kernel-go-sdk"
"github.com/kernel/kernel-go-sdk/option"
)

func main() {
client := kernel.NewClient(
option.WithAPIKey("My API Key"),
)
loginResponse, err := client.Auth.Connections.Login(
context.TODO(),
"id",
kernel.AuthConnectionLoginParams{},
)
if err != nil {
panic(err.Error())
}
fmt.Printf("%+v\n", loginResponse.ID)
}
curl --request POST \
--url https://api.onkernel.com/auth/connections/{id}/login \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"proxy": {
"id": "<string>",
"name": "<string>"
},
"record_session": true
}
'
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.onkernel.com/auth/connections/{id}/login",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'proxy' => [
'id' => '<string>',
'name' => '<string>'
],
'record_session' => true
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
HttpResponse<String> response = Unirest.post("https://api.onkernel.com/auth/connections/{id}/login")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"proxy\": {\n \"id\": \"<string>\",\n \"name\": \"<string>\"\n },\n \"record_session\": true\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.onkernel.com/auth/connections/{id}/login")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"proxy\": {\n \"id\": \"<string>\",\n \"name\": \"<string>\"\n },\n \"record_session\": true\n}"

response = http.request(request)
puts response.read_body
{
  "id": "ma_abc123xyz",
  "flow_type": "LOGIN",
  "hosted_url": "https://auth.kernel.com/login/abc123xyz",
  "flow_expires_at": "2025-11-05T20:00:00Z",
  "handoff_code": "aBcD123EfGh456IjKl789MnOp012QrStUvWxYzAbCdEf",
  "live_view_url": "https://live.onkernel.com/abc123xyz"
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}
{
"code": "bad_request",
"message": "Missing required field: app_name",
"details": [
{
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
],
"inner_error": {
"code": "invalid_input",
"message": "Provided version string is not semver compliant"
}
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

id
string
required

Auth connection ID

Body

application/json

Request to start a login flow

proxy
object

Proxy selection. Provide either id or name. The proxy must be in the same project as the resource referencing it. When selecting by name, the name must match exactly one active proxy in the project. Ambiguous names return a 400; use id for stable references.

record_session
boolean

Override the connection's default for recording this login's browser session. When omitted, the connection's record_session default is used.

Example:

true

Response

Login flow started

Response from starting a login flow

id
string
required

Auth connection ID

Example:

"ma_abc123xyz"

flow_type
enum<string>
required

Type of login flow started

Available options:
LOGIN,
REAUTH
Example:

"LOGIN"

hosted_url
string<uri>
required

URL to redirect user to for login

Example:

"https://auth.kernel.com/login/abc123xyz"

flow_expires_at
string<date-time>
required

When the login flow expires

Example:

"2025-11-05T20:00:00Z"

handoff_code
string

One-time code for handoff (internal use)

Example:

"aBcD123EfGh456IjKl789MnOp012QrStUvWxYzAbCdEf"

live_view_url
string<uri>

Browser live view URL for watching the login flow

Example:

"https://live.onkernel.com/abc123xyz"